DETAILED ACTION 
Response to Amendment 

1. Applicant's arguments/amendments with respect to amended claims 30, 56, 58, and 65, 
and presently pending claims 1-65, filed on September 6, 2005 have been fully considered but 
they are not persuasive. The examiner would like to point out that this action is made final 
(MPEP 706.07a). 

2. The examiner accepts the amended claims for 101 objection and oath. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 

4. Claims 30-57 are rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant regards as 
the invention. 

Applicant amends claim 30 wherein "wherein the device of the second system has means 
for receipt of said information from the second device..." It is unclear what applicant wanted to 
claim. However the applicant might have intended to say, "wherein the device of the second 
system has means for receipt of said information from the first device..." Appropriate correction 
is required in response to this action. 

Response to Arguments 

5. Applicant argues that: 

a. Independent claims 1, 29, 30, 58-60, and 65 are not taught by Sudia to include 
wherein "signing the certificate for the key using the authenticated identity of the user in 
the first system, storing authenticated identity of the first user in the second user, the 
device of the second system transferring the signed certificate to a third party of the 
second system, and wireless device is not taught by Sudia" (page 19 par. 1, page 20 par. 
1-2, page 22 par. 1, page 23 par. 3, and page 24 par. 4). 

b. Dependent claims 2-28, 31-57, and 61-64 are allowable based upon their 
dependency on allowable claims 1, 29, 30, 58-60, and 65 (page 21, page 22, and page 25 
par. 2). 

However, Examiner disagrees with applicant. 

Regarding argument (a). Argument is not persuasive. Sudia teaches a Device 1 with 
authorized/authenticated System Wide Authority (SWA) private-public key and 
certificate (col. 13 lines 16-18), and transmitting the identity, i.e. serial number, logical 
name, and private key of Device 1/Device 2 SWA key share, of the Device 1 to the 
Device 2 (col. 13 lines 66-col. 14 lines 4, col. 13 lines 40-42, and col. 12 lines 63-65), 
and signing using authorized/authenticated Device 2 SWA key share (col. 14 lines 14-34). 
Device 2 SWA key share is authorized private key of Device 1 (col. 12 lines 54-60, 
lines 63-65, and fig. 5). Device 2 stores the authenticated identity (SWA key share) of 
Device 1 (col. 13 lines 30-34, and fig. 5 element 95). Second device transfers the signed 
certificate to a third party/Device 3/trusted party (col. 14 lines 35-36). Sudia also 
discloses a wireless notebook computers/trusted signing devices (col. 9 lines 51-57). 

Regarding argument (b), examiner disagrees with applicant. Based on the arguments set 
forth by the examiner for arguments (a), the dependent claims stand rejected. 

The examiner is not trying to teach the invention but is merely trying to interpret the 
claim language in its broadest and reasonable meaning. Therefore, the examiner asserts 
that the system of the prior art, Sudia teaches or suggests the subject matter as recited in 
independent claims 1, 29, 30, 58-60, and 65. Dependent claims 2-28, 31-57, and 61-64 are 
also rejected at least by virtue of their dependency on independent claims and by other 
reason set forth in this office action dated November 17, 2005. Accordingly, rejections 
for claims 1-65 are respectfully maintained. 

Rejections 

6. The text of those sections of Title 35, U.S. Code not included in this action can be found 
in a prior Office action. 

Claim Rejections - 35 USC § 102 

7. Claims 1-9, 11-12, 14, 17-23, 26-27, 29-38, 40-41, 43, 46-52, 55-56, 58-63, and 65 are 
rejected under 35 U.S.C. 102(b) as being anticipated by Sudia et al. (Sudia, Patent No.: US 
6,209,091 B1). 

As per claim 1, 29, and 58, Sudia teaches a method/system of authenticating a user of a second 
system where the user has an authenticated identity in a first system (col. 6 lines 54-65), 
comprising the steps of 

the second system causing a key to be generated for use in the second system (col. 14 
lines 4-7); 

the second system generating a certificate for the key (col. 13 lines 66-col. 14 lines 4); 

and 

signing the certificate for the key using the authenticated identity of the user in the first 
system (col. 14 lines 14-26). 

As per claim 30, Sudia teaches a system for authenticating a user of a second system where the 
user has an authenticated identity in a first system, comprising: 

a device forming part of the second system (first device/device 2 generates a hash of the 
certificate generated by second device/device 1), the device having means for causing a key to be 
generated for use in the second system (col. 14 lines 4-7 and lines 16-33), 

said device of the second system having means for generating a certificate for the key 
(col. 14 lines 4-7); and a second device forming part of the first system (lines 16-33; certificate 
of device 1 is hashed by device 2), 

the second device having means for storing information regarding the authenticated 
identity of the user in the first system (col. 9 lines 37-42), 

said second device further having means for communicating said information (col. 13 
lines 66-67); and 

wherein the device of the first system has means for receipt of said information from the 
second device (col. 13 lines 66-67), and further has means for signing the certificate for the key 
using the authenticated identity of the user in the first system (col. 14 lines 14-27). 

As per claim 59, Sudia teaches a device for authenticating a user of a second system where the 
user has an authenticated identity in a first system, wherein the device forms part of the second 
system comprising: 

means for generating a key for use in the second system (col. 14 lines 4-7); 

means for generating a certificate for the key (col. 13 lines 66-col. 14 lines 4); 

means for transferring the certificate to a device forming part of the first system (col. 13 
lines 66-67, and col. 14 lines 16-19), said device of the first system having information 
concerning the authenticated identity of the user in the first system, so as to sign the certificate 
using the authenticated identity of the user in the first system (col. 14 lines 16-33); and 

wherein said device of the second system (device 1) further comprises means for receipt 
of said signed certificate (col. 15 lines 61-64) and means for transferring the signed certificate to 
a third party of said second system (col. 15 lines 16-19). 

As per claim 60, Sudia teaches a wireless device for use in authenticating a user of a second 
system where the user has an authenticated identity in a first system associated with the wireless 
device, wherein the second system includes a device having means for causing a key to be 
generated for use in the second system, means for generating a certificate for the key, and means 
for transferring the certificate to another device; 

wherein the wireless device (col. 9 lines 51-57) comprises: 

means for storing information regarding the authenticated identity of the user in the first 
system (col. 9 lines 37-42); 

means for receipt of the certificate from the second device (col. 13 lines 66-67); and 

means for signing the certificate using the authenticated identity of the user in the first 
system and transferring the signed certificate to the device of the second system (col. 14 lines 14-22; 
certificate of device 1 is signed by device 2). 

As per claim 65, Sudia teaches a computer program product for implementing the authentication 
of a user of a second system where the user has an authenticated identity in a first system, 
comprising: 

a computer readable medium; 

a device forming part of the second system (first device/device 2 generates a hash of the 
certificate generated by second device/device 1), the device having program code in said 
computer readable medium for generating a key for use in the second system (col. 14 lines 4-7 
and lines 16-33), 

said device of the second system having program code in said computer readable medium 
for generating a certificate for the key (lines 16-33; certificate of device 1 is hashed by device 2); 
and 

a second device forming part of the first system, the second device having program code 
in said computer readable medium for storing the authenticated identity of the user in the first 
system (col. 9 lines 37-42); and 

wherein the second device has program code in said computer readable medium for 
signing the certificate generated by the device of the second system using the information 
regarding the authenticated identity of the user in the first system and transferring the signed 
certificate to the device of the second system (col. 14 lines 14-27). 

As per claims 2, 31, and 61, Sudia teaches a method, wherein the key is generated by the second 
system (col. 24 lines 30-31, and fig. 23). 

As per claims 3 and 62, Sudia teaches a method, wherein the key is generated by the first system 
(col. 12 lines 55-57). 

As per claims 4 and 33, Sudia teaches a method/system, further comprising the step of a third 
party communicating with the user of the second system (col. 15 lines 61-64) and verifying the 
user of the second system by the authenticated identity of the user of the first system (col. 15 
lines 16-19). 

As per claims 5 and 34, Sudia teaches a method/system, wherein the third party is a server (col. 6 
lines 54-61). 

As per claims 6 and 35, Sudia teaches a method/system, wherein the key comprises a private- 
public key pair and where the certificate includes the public key of the key pair (col. 14 lines 1-4, 
and col. 6 lines 54-61). 

As per claims 7 and 36, Sudia teaches a method/system, wherein the certificate further includes 
an identity which is the same as the authenticated identity of the user of the first system (col. 14 
lines 1-4). 

As per claims 8, 14, 37, 43, and 63, Sudia teaches a method/system/apparatus, where the 
authenticated identity of the user in the first system comprises a private-public key pair and a 
certificate issued by a Certification Authority, and where the signing of the second system 
generated certificate is by hashing at least some data in the certificate to obtain a hash value, 
encrypting this hash value using the private key of the first system private-public key pair, and 
adding the encrypted hash value to the certificate (col. 14 lines 16-33). 

As per claims 9 and 12, Sudia teaches a method, wherein the private key of first system private- 
public key pair is stored in a wireless identity module (col. 9 lines 51-57). 

As per claims 11 and 40, Sudia teaches a method/system, where the identity of the user in the 
first system comprises a private-public key pair and an associated certificate issued by a 
Certification Authority (col. 6 lines 54-65, and col. 15 lines 61-64). 

As per claims 17 and 46, Sudia teaches a method/system, wherein the certificate for the key 
includes the full certification tree for the key, said full certification tree including a certificate of 
the first system for the user of the first system (fig. 9 No. 141). 

As per claims 18 and 47, Sudia teaches a method/system, wherein the first system is a wireless 
communication system (col. 9 lines 51-57). 

As per claims 19 and 48, Sudia teaches a method/system, wherein the second system is a computer 
connected to the Internet (fig. 1 No. 21). 

As per claims 20 and 49, Sudia teaches a method/system, wherein the second system uses a 
security protocol for establishing a secure session (col. 7 lines 42-49). 

As per claims 21 and 50, Sudia teaches a method/system, wherein the security protocol is 
selected from the group consisting of Transport Layer Security, IP Security Protocol and Secure 
Socket Layer (col. 9 lines 3-4). 

As per claims 22 and 51, Sudia teaches a method/system, wherein the wireless communication 
system uses a wireless identity module (WIM) in an associated wireless device of the user of the 
first system for establishing the identity of the user of the first system (col. 9 lines 51-57). 

As per claims 23 and 52, Sudia teaches a method/system, wherein the WIM contains a private 
key of the user of the first system and wherein a corresponding public key of the user of the first 
system is certified by a Certification Authority (col. 6 lines 54-61, and col. 15 lines 16-19). 

As per claims 26 and 55, Sudia teaches a method/system, wherein an accepted operation is the 
use of the key for use in the second system for encryption of data but not for signature 
verification (col. 6 lines 61-63, and col. 23 lines 27-28). 

As per claims 27 and 56, Sudia teaches a method/system, where the certificate does not contain 
the identity of the user associated with the user generated key, and where the signing of the 
certificate using the authenticated identity of the user of the first system includes appending the 
full certification tree of the first user to the user generated key (fig. 9 No. 141). 

As per claim 32, Sudia teaches a system, wherein the second device forming part of the first 
system further comprises means for generating said key (col. 14 lines 4-7). 

As per claims 38 and 41, Sudia teaches a system, wherein the private key of the first system 
private-public key pair is stored in a wireless identity module forming part of the second device 
(col. 9 lines 37-42, and col. 9 lines 51-57). 

Claim Rejections - 35 USC § 103 

8. Claims 10, 13, 15-16, 39, 42, 44-45, and 64 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sudia et al. (Sudia, Patent No.: US 6,209,091 B1), and further in view of 
Wheeler et al. (Wheeler, Patent No.: US 6,892,302 B2). 

As per claims 10, 13, 15, 39, 42, 44, and 64, Sudia teaches all the subject matter as described 
above. Sudia fails to disclose password authentication to access private key prior to signing the 
certificate. 

However Wheeler teaches a method, wherein prior to signing the certificate for the key for use in 
the second system, the user of the first system obtains access to its private key by entry of a 
password (Wheeler col. 2 lines 48-53). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Wheeler within the system of Sudia because 
they are analogous art in generating a certificate (Wheeler col. 2 lines 49-53). One in the art 
would have been motivated to incorporate the teachings of Wheeler into Sudia because it would 
guard against fraudulent use of a device through theft of the device (Wheeler col. 2 lines 48-53). 

As per claims 16 and 45, Sudia and Wheeler teach all the subject matter as described above. In 
addition, Wheeler teaches a method/system, wherein the password is a personal identification 
number (Wheeler col. 2 lines 48-53). The rationale for combining is the same as claim 10 above. 

9. Claims 24-25, 28, 53-54, and 57 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Sudia et al. (Sudia, Patent No.: US 6,209,091 B1), and Wheeler et al. 
(Wheeler, Patent No.: US 6,892,302 B2), and further in view of Hurtado et al. (Hurtado, 
Patent No.: US 6,418,421 B1). 

As per claims 24 and 53, Sudia and Wheeler teach all the subject matter as described above. 
Sudia and Wheeler fail to disclose usage limitations. However Hurtado discloses a 
method/system, wherein the certificate for the key for use in the second system contains one or 
more usage limitations (Hurtado col. 9 lines 56-65, and fig. 5 element 533). 

Therefore it would have been obvious to one having ordinary skill in the art at the time 
the invention was made to employ the teachings of Hurtado within the combination system of 
Sudia and Wheeler because they are analogous in certificate and digital signature (Hurtado col. 
24 lines 58-63). One in the art would have been motivated to incorporate the teachings of 
Hurtado into Sudia and Wheeler because it would specify content usage conditions by granting 
or restricting access to the user (Hurtado col. 12 lines 25-27). 

As per claims 25 and 54, Sudia, Wheeler, and Hurtado teach all the subject matter as described 
above. In addition, Hurtado teaches a method/system, wherein one usage limitation is that a third 
party of the second system should accept the key for use in the second system only for certain 
types of operations (Hurtado col. 9 lines 56-65, and fig. 5 element 533). The rationale for 
combining is the same as claim 24 above. 

As per claims 28 and 57, Sudia, Wheeler, and Hurtado teach all the subject matter as described 
above. In addition, Hurtado teaches a method/system, where the first and second users are the 
same entity (Hurtado col. 11 lines 36-43; content that has usages and signature is played on 
various devices of the End-user). The rationale for combining is the same as claim 24 above. 

Conclusion 

10. THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 
policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the mailing 
date of this final action. 

11. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A. Shiferaw whose telephone number is 571-272-3867. 
The examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 



E. S. 



November 17, 2005 




